![Ιδρυματικό Αποθετήριο [SANDBOX]](images/dias.logo.png "Ιδρυματικό Αποθετήριο [SANDBOX]"){kind=logo}
Ιδρυματικό Αποθετήριο [SANDBOX]
Πολυτεχνείο Κρήτης
Πολυτεχνείο Κρήτης
EN
|
EL
| URI | http://purl.tuc.gr/dl/dias/55E0F6B6-211B-41CD-A296-44579D0BDAAD | - |
| Αναγνωριστικό | http://www.cs.berkeley.edu/~jordan/papers/huang-infocom07.pdf | - |
| Αναγνωριστικό | https://doi.org/10.1109/INFCOM.2007.24 | - |
| Γλώσσα | en | - |
| Μέγεθος | 9 pages | en |
| Τίτλος | Communication-efficient online detection of network-wide anomalies | en |
| Δημιουργός | Huang Ling | en |
| Δημιουργός | Nguyen XuanLong | en |
| Δημιουργός | Garofalakis Minos | en |
| Δημιουργός | Γαροφαλακης Μινως | el |
| Δημιουργός | Hellerstein Joseph M. | en |
| Δημιουργός | Jordan Michael I. | en |
| Δημιουργός | Joseph Anthony | en |
| Δημιουργός | Taft Nina | en |
| Εκδότης | Institute of Electrical and Electronics Engineers | en |
| Περίληψη | There has been growing interest in building large-scale distributed monitoring systems for sensor, enterprise, and ISP networks. Recent work has proposed using principal component analysis (PCA) over global traffic matrix statistics to effectively isolate network-wide anomalies. To allow such a PCA-based anomaly detection scheme to scale, we propose a novel approximation scheme that dramatically reduces the burden on the production network. Our scheme avoids the expensive step of centralizing all the data by performing intelligent filtering at the distributed monitors. This filtering reduces monitoring bandwidth overheads, but can result in the anomaly detector making incorrect decisions based on a perturbed view of the global data set. We employ stochastic matrix perturbation theory to bound such errors. Our algorithm selects the filtering parameters at local monitors such that the errors made by the detector are guaranteed to lie below a user-specified upper bound. Our algorithm thus allows network operators to explicitly balance the tradeoff between detection accuracy and the amount of data communicated over the network. In addition, our approach enables real-time detection because we exploit continuous monitoring at the distributed monitors. Experiments with traffic data from Abilene backbone network demonstrate that our methods yield significant communication benefits while simultaneously achieving high detection accuracy. | en |
| Τύπος | Πλήρης Δημοσίευση σε Συνέδριο | el |
| Τύπος | Conference Full Paper | en |
| Άδεια Χρήσης | http://creativecommons.org/licenses/by/4.0/ | en |
| Ημερομηνία | 2015-11-30 | - |
| Ημερομηνία Δημοσίευσης | 2007 | - |
| Θεματική Κατηγορία | Information systems | en |
| Θεματική Κατηγορία | Networks | en |
| Βιβλιογραφική Αναφορά | L. Huang, X. Nguyen, M. Garofalakis, J. M. Hellerstein, M. I. Jordan, A. D. Joseph and N. Taft, "Communication-efficient online detection of network-wide anomalies", in 26th IEEE International Conference on Computer Communications, 2007, pp. 134-142. doi: 10.1109/INFCOM.2007.24 | en |
Copyright © DIAS 2013
